General

  • Target

    13223590981680f388c4eda8973ff03e2bd1c9ecfd366b5e253f03e0d0920fff

  • Size

    268KB

  • Sample

    221203-yyqh6sbf67

  • MD5

    060e487c1790fc79b344122ac87db7b0

  • SHA1

    1ece0ca49aee497833ae50a3cd3da7542bea2674

  • SHA256

    13223590981680f388c4eda8973ff03e2bd1c9ecfd366b5e253f03e0d0920fff

  • SHA512

    8fc1dc2e9d5d9d7f851e2b1328d51709c6493720fe5582f029273a7c69e4a9184bd52d79f40f12177444c9c04bb62b3c82149ff28261ecd3afe576447e7df2a4

  • SSDEEP

    3072:1wRaPXh0xpuneIl6BjNlgnCW5tweOmJViklsKsJ5lB0e5/NhYrx5X7rZ6L07fJ:1wbI8anCWcilu5lB08PY7X7rZ6M

Score
10/10

Malware Config

Targets


    Score
    10/10
    • Modifies visibility of hidden/system files in Explorer

    • Executes dropped EXE

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Loads dropped DLL

    • Adds Run key to start application

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.
